> Yes. To reiterate, the right solution is that the individual > worksheets(or at least SAGE users) all run as separate > users distinct from the notebook process (and -- ideally -- > from each other). They then would not have permissions > to kill the server. In particular, with this model -- which we'll > be implementing -- if you type
I think a robust implementation of the above is what we should aim for. i.e. for each user can we associate a less priviledge python process that we (the notebook admin) can completely control: *permissions* and *disk space* and *cpu time* ? Some relevant reading from a well known python-dev: http://sayspy.blogspot.com/2007/05/i-have-finished-securing-python.html Some relevant quotes from his article: " The original goal of this work was to come up with a way so that you could run Python code in an embedded Python interpreter and not worry about it opening arbitrary sockets or touching any files unless you explicitly allowed it ..." " [The goal was not] to protect intangible things such as memory or CPU usage." Does the second quote mean this is a fairly hard problem? Alex sage: import os > sage: os.system("whoami") > sageuser17 > > and sageuser17 can't kill the server process. > > > I mean doing > > > > sage: import os > > sage: os.system("whoami") > > server2 > > sage: os.system("ps -u server2") > > PID TTY TIME CMD > > 6418 ? 00:00:00 sh > > 6419 ? 00:00:00 sage > > 6425 ? 00:00:00 sage-sage > > 6439 ? 00:00:00 sage-run > > 6440 ? 00:00:00 sh > > ..... > > sage: os.system("kill -9 6418") > > > > I don't see how sage can recover from this (on my system it didn't). > > Unless it is started by some kind of monitoring process running as > > root. > > > > > > On Jun 6, 9:33 pm, "William Stein" <[EMAIL PROTECTED]> wrote: > > > On 6/6/07, Michel <[EMAIL PROTECTED]> wrote: > > > > > > > Yes, I agree. But one has to guard against the user > > > > killing his own sage process. Is it possible to prevent this? > > > > > > > If this is not possible then any solution will be basically > > > > equivalent to mine (restarting the sage process of the user). > > > > Implemented within sage of course instead of a shell > > > > script. > > > > > > > Ah: maybe your point is that if the user kills his own > > > > sage process he is just shooting himself in the foot? > > > > So no special action should be required... > > > > > > Correct. In fact, just type quit in a notebook input cell > > > to kill your process. Fortunately, SAGE realizes that > > > the process terminated and it will restart it when you next > > > do a calculation: > > > > > > {{{ > > > quit > > > /// > > > Exited SAGE process > > > > > > }}} > > > > > > {{{ > > > 2+2 > > > /// > > > 4 > > > > > > }}} > > > > > > > > > > > > -- > William Stein > Associate Professor of Mathematics > University of Washington > http://www.williamstein.org > > > > --~--~---------~--~----~------------~-------~--~----~ To post to this group, send email to sage-devel@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/sage-devel URLs: http://sage.scipy.org/sage/ and http://modular.math.washington.edu/sage/ -~----------~----~----~----~------~----~------~--~---
